package com.cc.controller;

import com.cc.entity.SysRight;
import com.cc.entity.SysRole;
import com.cc.entity.SysUser;
import com.cc.service.IRoleService;
import com.cc.service.ISysUserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.omg.CORBA.UserException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;

/**
 * @author 新梦想.陈超
 * @version 2021.2
 * @Description: {TODO}
 * @date 2022/5/24 下午4:37
 */
@Controller
@RequestMapping("user")
@Slf4j
public class UserController {
    @Resource
    private ISysUserService iSysUserService;
    @Resource
    private IRoleService iRoleService;

    @PostMapping("login")
    @ResponseBody //将对象或集合或数组转为json对象或数组字符串
    public String login(SysUser user, HttpServletRequest request){
        log.info("登录用户信息用户名为：{} ,密码为：{}",user.getUsrName(),user.getUsrPassword());
        //TODO 一、shiro实现认证
        //1.登录认证
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUsrName(),user.getUsrPassword());
        subject.login(token);
        //2.动态加载菜单
        //1)获取已经经过shiro认证通过的用户信息
        SysUser lgnUser = (SysUser) SecurityUtils.getSubject().getPrincipal();
        //2)获取该用户的权限
        SysRole sysRole = iRoleService.queryRoleAndRights(lgnUser.getUsrRoleId());
        List<SysRight> rightList = sysRole.getRightList();


        //TODO 二、自己实现认证

//        SysUser lgnUser = iSysUserService.login(user);
//        log.info("===========role=========={}",lgnUser.getSysRole().getRoleName());
//        int a = 10/0;
//        if(lgnUser==null){//用户名 或密码错误
//            return "{'code':1,'msg':'failed'}";
//        }

//        String rights= "L01 = theMenu.addChild(l2ID, \"Folder\", \"营销管理\", \"\", \"营销管理...\");"+
//        "L0101 = theMenu.addChild(L01, \"Document\", \"销售机会管理\", \"${pageContext.request.contextPath}/sale/list\", \"销售机会管理...\");"+
//        "L0102 = theMenu.addChild(L01, \"Document\", \"客户开发计划\", \"~sale/dev.html\", \"客户开发计划...\");";


        //TODO 三、拼接权限
        StringBuilder rights = new StringBuilder();
//        List<SysRight> rightList = lgnUser.getSysRole().getRightList();
        rightList.forEach(right->{
            rights.append(right.getRightCode() +"=theMenu.addChild(");
            if(right.getRightType().equals("Folder")){
                rights.append("l2ID,");
            }else{
                rights.append(right.getRightParentCode()+",");
            }
            rights.append("\""+right.getRightType()+"\",");
            rights.append("\""+right.getRightText()+"\",");
            rights.append("\""+right.getRightUrl()+"\",");
            rights.append("\""+right.getRightTip()+"....\");");
        });

        log.info("权限信息为：{}",rights);
        //敏感数据脱敏
        lgnUser.setUsrPassword(null);
        lgnUser.setPasswordSalt(null);
        //要将用户信息保存到session（单体） 【非单体 redis】,目的：记住登录状态
        HttpSession session = request.getSession();
        session.setAttribute("lgnUser",lgnUser);
        session.setAttribute("rights",rights);


        return "{'code':0,'msg':'success'}";

    }
}
